HackerLangs
TopNewTrendsCommentsPastAskShowJobs

eblume

no profile record

comments

eblume
·vor 18 Tagen·discuss
When you've been given an epidural, you are generally required to be in a bed. (This doesn't answer your question, but I think it is relevant.)
eblume
·vor 23 Tagen·discuss
Thanks! I did not know that. That changes a lot.
eblume
·vor 23 Tagen·discuss
I'm not sure I follow. I am a US citizen and have never lived abroad, but my understanding is that US Citizens living abroad must still pay the US a full federal income tax. It's graduated/progressive, of course, so the actual percentage may vary, but it should probably be between 15% and 40% of income. Not what I would call small. I don't think they can deduct local taxes, can they?
eblume
·vor 25 Tagen·discuss
https://www.ic3.gov

You won't hear back from them, though. But, at least for US citizens (and possibly for anyone?), this is as far as I know the closest thing there is to an "Internet 911".
eblume
·letzten Monat·discuss
As per the demo, in order for Siri to rotate your passwords "for you", you have to open the Password app, go to their dashboard on weak or exposed passwords, and click a button asking it to rotate your password account by account.

So yes. It's off by default. You have to affirmatively use the feature. (This is purely based on what I remember from the demo, mind you. I have not used the feature.)
eblume
·vor 2 Monaten·discuss
You’re welcome! I only ran in to this last week and I might not have this straight yet because I haven’t had time to sit and untangle it. I have a private repo that has a release workflow that publishes a Python package to the forgejo package repository using my public user profile. I mistakenly assumed that because the repo was private the package would be as well but that link is not enough to set public/private and it is instead fully public. Listable and everything, no PAT needed. This is where I’m less clear: I think I could make my user profile private and this would hide the packages, but I want my profile public. So I just black-holed the entire packages api outside of the tailnet.
eblume
·vor 2 Monaten·discuss
Yup, I’ve done this. I use a fly.io proxy that runs nginx, fail2ban, and that forwards to my tailnet where Caddy resolves to the actual instance. It’s critical that you disable local registration - I have authentik (only available on the tailnet) as an IdP but you can also just disable reg after making your own account of course. I also have a robots.txt that disables some stuff like all the individual rendered git commit views otherwise scrapers get stuck in an endless loop and also I strictly forbid access to the forgejo package repository since I have some private packages and the permission granularity there is not what I want it to be, still dialing that in. I’m keeping an eye on it and so far nothing terrible has happened. docs.eblu.me if you would like details… I could also link straight to the infra code if you like.
eblume
·vor 2 Monaten·discuss
This is called KYC and is a standard part of operating a financial service. Seems to me like it should be part of internet infrastructure services as well. And, I thought, in some cases already is?
eblume
·vor 3 Monaten·discuss
There are strict rules about not talking about open investigations because of so-called "Tipping-off" rules. It can carry some pretty serious penalties - jail time, fines. I agree it would be nice if the FBI itself made some announcements about these sorts of things, and they might do that in aggregate, but if you're a bank or fintech employee and you're in communication with the FBI you absolutely cannot say anything about it. Even confirming that an investigation existed could be penalized.
eblume
·vor 3 Monaten·discuss
Thanks... hence, 3-2-1 backups with offsite :) appreciate it though. Will definitely be rolling my own NAS in the future, I just needed something easy at the time.
eblume
·vor 3 Monaten·discuss
Having worked in compliance engineering I have also reported through the IC3 portal, and spoken with lawyers and analysts who register with FinCEN (which, to be clear, is maybe just a step beyond "My Uncle works at Nintendo...") and I have heard that those reports do get reviewed and often acted on, but yes, you will typically never hear back from them. (FinCEN has its own reporting structure, but we also submitted certain reports through the IC3 portal as well.)
eblume
·vor 3 Monaten·discuss
Same. I lost a lot of photos this way. I've recently moved over to Immich + Borg backup with a 3-2-1 backup between a local synology NAS and BorgBase. Painful lesson, but at least now I feel much more confident. I've even built some end-to-end monitoring with Grafana.
eblume
·vor 4 Monaten·discuss
I've recently started hosting my own forgejo instance. It works so well! Free tailscale for connectivity. I expose mine over fly.io proxy, also free, but not to be done without caution.
eblume
·vor 4 Monaten·discuss
It's a pretty common feature of youtube creator studio. https://www.theverge.com/news/840789/youtube-video-title-a-b...
eblume
·vor 4 Monaten·discuss
Same! I've also recently exposed mine to the internet through a fly.io proxy, though. So far, no issues, but I'm keeping a close eye.
eblume
·vor 4 Monaten·discuss
Correct. Not sure about a sql archive, but the kiwix ZIM archive of the top 1M English articles including (downsized but not minimized) images is 43GiB: https://download.kiwix.org/zim/wikipedia/

And the entire English wikipedia with no images is, interestingly, also 43GiB.
eblume
·vor 4 Monaten·discuss
I don't know; we also grow corn for ethanol and add it to gas.
eblume
·vor 4 Monaten·discuss
It goes a lot further than plan mode though, in fact I would say the key difference of mikado refactors from waterfall refactors is that you don’t do all the planning up front with mikado. If anything you try to do as little planning as possible.
eblume
·vor 4 Monaten·discuss
I’ve been using a form of the Mikado Method based on a specific ordering of git commits (by message prefix) along with some pre commit hook scripts, governed by a document: https://docs.eblu.me/how-to/agent-change-process

I have this configured to feed in to an agent for large changes. It’s been working pretty well, still not perfect though… the tricky part is that it is very tempting (and maybe even sometimes correct) to not fully reset between mikado “iterations”, but then you wind up with a messy state transfer. The advantage so far has been that it’s easy to make progress while ditching a session context “poisoned” by some failure.
eblume
·vor 5 Monaten·discuss
Thanks, it's also available via my 1password cloud account, so it'd have to be a joint fire at my home and the 1password data center (and my phone, for that matter). Pretty bad day I feel.

Unrelated note: this was the first time I've linked to my static generated docs for this project and it was really fun watching the grafana dash of my fly.io nginx proxy pick up all the scraping traffic. Thanks for warming my cache :) I work with this tech all the time at my day job but this is the first time I've hosted something from my home, it's genuinely made my afternoon to see it light up.